In March of 2017, some Eval25 Users were notified that CollegeNET's security auditors require us to eliminate the use of outdated encryption standards TLS 1.0 and 1.1. In the near future, we will no longer support TLS 1.0 or 1.1, and only support the use of TLS 1.2.
Your institution may potentially be affected by this change, particularly in relation to the use of Eval25 and the Eval25 GradeHook web service. Please perform the following to continue to successfully connect to both Eval25 and the Eval25 GradeHook:
- Upgrade to Java 8.
https://www.java.com/en/download/ - Instruct your users to upgrade to the following browser versions which support TLS 1.2:
- Android 5 (or 4.1 with non-default configuration enabled)
- Chrome 30
- Firefox 27
- Internet Explorer 11
- Opera 17
- Safari 7 (5 for Safari Mobile)
- Check to make sure your client encryption software supports ECDHE ciphers. If not, you will need to upgrade it.
- For safety and performance reasons, please use one of the following acceptable TLS 1.2ciphers:
- TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)
ECDH secp256r1 (eq. 3072 bits RSA) FS 256 - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
ECDH secp256r1 (eq. 3072 bits RSA) FS 128 - TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028)
ECDH secp256r1 (eq. 3072 bits RSA) FS 256 - TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027)
ECDH secp256r1 (eq. 3072 bits RSA) FS 128
If you have any questions, please contact the Eval25 Support Team. The Support Team can be reached directly from within Eval25 by clicking on the Help link in the upper right corner of the application header. Search the help articles and community conversations for answers to common questions, or email support@collegenet.com to initiate a support ticket with us.